Cisco AMP Endpoint for RHEL 8

ciccero · ‎05-21-2019

Hey there,
I am glad Cisco is supporting RHEL 7, but RHEL 8 has been released and the obvious question is:

Will Cisco AMP gets an Endpoint for this?

Also there were some rumors Cisco is working on an Ubuntu compatible version. As RHEL 8 is using Kernal 4.18, which is not compatible with the RHEL 7 AMP endpoint due to the usage of jprobes, which are not longer available in Kernel 4.15 (see also https://github.com/cisco/ampfsm) there is more work affordable I guess. So in the same way, a Ubuntu client looks like an option to me now.

Friendly hint -> Look at Sophos Talpa module (https://github.com/sophos/talpa). They found a way to monitor file access and its compatible with Kernel 5+, as far as I know.

I hope for positive response :D

infrateam · ‎11-19-2019

Six months on... any further info on this?

LongWayHome (LWH) · ‎03-02-2020

Hi, can we get an update on AMP for RHEL8 please?

JohnAhrends58407 · ‎02-01-2021

This question with no response makes me think that CISCO support is nonexistent for this product.

antc · ‎07-07-2021

Cisco AMP support for RHEL 8 was added in May 2020 starting with version 1.13.0. The current version is 1.15.5 and supports RHEL 8.1-8.4.

Take a look at AMP for Endpoints Linux Connector OS Compatibility for more information.